Should I fire the person who is writing the following code for me? It is for a website that needs to be extremely secure since we will be handling credit card payments and other personal info including users' names and addresses. I do not know much about coding but from reading the sticky threads, it seems like this guy is using mysql functions and not even filtering data or using prepared statements.

I stopped reading. This is horrible. There is no sanitization of user-provided input, so it would be incredibly easy to compromise your database. On top of that, the password is only hashed with MD5, which hasn't been reliable as a password hashing mechanism for years.

User input sanitization is quite possibly the first and most important aspect of web development security. If the person didn't get this right, I personally wouldn't trust them to do anything properly.

_________________
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
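The two fixes the reply above calls for, parameterized queries and a proper password hash in place of MD5, shown as an added example that is not part of the thread or of the code under review. The table, column and function names are assumptions, and in-memory SQLite stands in for MySQL so the script runs offline.

```php
<?php
// Added example; schema, names and sample inputs are constructed.
// In-memory SQLite stands in for MySQL; the PDO calls are the same.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, pw_hash TEXT)');

function register(PDO $pdo, string $email, string $password): void
{
    // Salted, deliberately slow hash (bcrypt by default) instead of md5().
    $hash = password_hash($password, PASSWORD_DEFAULT);
    // Placeholders: the input is bound as data, never spliced into the SQL text.
    $stmt = $pdo->prepare('INSERT INTO users (email, pw_hash) VALUES (:email, :hash)');
    $stmt->execute([':email' => $email, ':hash' => $hash]);
}

function login(PDO $pdo, string $email, string $password): bool
{
    $stmt = $pdo->prepare('SELECT id, pw_hash FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['pw_hash'])) {
        return false;
    }
    // Re-hash transparently when the default algorithm or cost is raised later.
    if (password_needs_rehash($row['pw_hash'], PASSWORD_DEFAULT)) {
        $upd = $pdo->prepare('UPDATE users SET pw_hash = :hash WHERE id = :id');
        $upd->execute([':hash' => password_hash($password, PASSWORD_DEFAULT), ':id' => $row['id']]);
    }
    return true;
}

// Constructed inputs: an address containing a quote, and a string shaped like SQL.
register($pdo, "o'brien@example.test", 'correct horse battery staple');
var_dump(login($pdo, "o'brien@example.test", 'correct horse battery staple'));
var_dump(login($pdo, "o'brien@example.test", 'wrong password'));
var_dump(login($pdo, "nobody@example.test' OR '1'='1", 'anything'));
```

The quote in the registered address and the SQL-shaped third input are both compared as plain strings against the `email` column, so neither alters the query that runs.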

Depends on what complexity. $5k for a database driven site is on the low end but it can be done. The thing is, if the person doesn't do it right you can end up in a situation where the site fails when you need it the most. e.g. you get a rush of orders and it goes down. Things like that can put you out of business quickly.

A senior developer would want about $100k a year.

You'd also need a designer, because senior developers typically aren't that good at art & design.

Depending on traffic, you might also want a DBA, which could be another 100k a year.

I'm sure others will chime in here. The numbers are all over the place. The hardest part is finding true talent.
